<?php
/**
 * 处理用户更改密码的请求
 *
 * @author Judas <judasnow@gmail.com>
 * @license http://www.opensource.org/licenses/lgpl-license.php LGPL
 */
session_start();
require_once( 'path.php' );
require_once( SOJ_ROOT.'/include/function/lib.php' );


if( empty( $_SESSION['username'] ) ){

	$_SESSION['fail_message'] = "非法操作";
	$_SESSION['url'] = "/soj/php/account/signin.php" ;
	$_SESSION['url_descript'] = "Click me for sign in." ;

	header("Location: ../message_handle/fail_handle.php" );
	exit ;
}

@$request = $_POST;
var_dump( $request );

try {

$db = db_connect();
$username = $_SESSION['username'];

//判断提供的旧密码是否正确
$old_password = $request['old_password'];

$db_obj_user = new db_obj_user( $db );
$db_obj_user->load( 'username' , $username );
$db_password = $db_obj_user->get('passwd');

if( $db_password != md5($old_password) ) {
	
	$_SESSION['errors']['old_password'] = true ;
	$_SESSION['errors']['message']['old_password'] = "旧密码不符";

}

if( $request['new_password'] == '' ){

	$_SESSION['errors']['new_password'] = true ;
	$_SESSION['errors']['message']['new_password'] = "密码不能为空";
} 

if ( $request['new_password'] != $request['new_password_again'] ){

	$_SESSION['errors']['new_password'] = true ;
	$_SESSION['errors']['new_password_again'] = true ;
	$_SESSION['errors']['message']['new_password'] = "两次输入密码不匹配";
}

if( $_SESSION['errors'] ){
	
	header('Location: change_user_password.php' );
	exit; 
}

$new_password = $request['new_password'];

$update_user_info_process = new update_user_info_process( $db , $username );
$update_user_info_process->update_password( $new_password );

$_SESSION['success_message'] = "update user password successful.";
header('Location: ../message_handle/success_handle.php');
exit;
 
}catch( Exception $e ){
	
	 exception_handle( $e ) ;

}

